Linux: move hardcoded paths to GYP variables.

chrome/browser/zygote_host_linux.cc

 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/zygote_host_linux.h"
 
 #include <unistd.h>
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
 
 #include "base/command_line.h"
 #include "base/eintr_wrapper.h"
 #include "base/logging.h"
 #include "base/path_service.h"
 #include "base/pickle.h"
 #include "base/process_util.h"
 #include "base/string_util.h"
 #include "base/unix_domain_socket_posix.h"
 
 #include "chrome/browser/renderer_host/render_sandbox_host_linux.h"
 #include "chrome/common/chrome_constants.h"
 #include "chrome/common/chrome_switches.h"
 
-// Previously we just looked for the binary next to the Chromium binary. But
-// this breaks people who do a build-all.
-// NOTE packagers: change this.
-
-// static const char kSandboxBinary[] = "/opt/google/chrome/chrome-sandbox";
-static const char kSandboxBinary[] = "/false";
-
 ZygoteHost::ZygoteHost() {
   std::wstring chrome_path;
   CHECK(PathService::Get(base::FILE_EXE, &chrome_path));
   CommandLine cmd_line(chrome_path);
 
   cmd_line.AppendSwitchWithValue(switches::kProcessType,
                                  switches::kZygoteProcess);
 
   int fds[2];
   CHECK(socketpair(PF_UNIX, SOCK_SEQPACKET, 0, fds) == 0);
   base::file_handle_mapping_vector fds_to_map;
   fds_to_map.push_back(std::make_pair(fds[1], 3));
 
   const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess();
   if (browser_command_line.HasSwitch(switches::kZygoteCmdPrefix)) {
     const std::wstring prefix =
         browser_command_line.GetSwitchValue(switches::kZygoteCmdPrefix);
     cmd_line.PrependWrapper(prefix);
   }
 
   const char* sandbox_binary = NULL;
   struct stat st;
+
+#if !defined(GOOGLE_CHROME_BUILD)

[Michael Moss, 2009/07/15 21:19:49]

Not sure why this needs to be only !GOOGLE_CHROME_BUILD. It's possible to create
"official" builds for development, in fact, that's my default mode since I
usually want that for testing packaging changes. Is there any reason why this
couldn't be used for such builds?

+  // In Chromium branded builds, developers can set an environment variable to
+  // use the development sandbox. See
+  // http://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment
   if (stat("/proc/self/exe", &st) == 0 &&
       st.st_uid == getuid()) {
     sandbox_binary = getenv("CHROME_DEVEL_SANDBOX");
   }
+#endif
 
+#if defined(LINUX_SANDBOX_PATH)
   if (!sandbox_binary)
-    sandbox_binary = kSandboxBinary;
+    sandbox_binary = LINUX_SANDBOX_PATH;
+#endif
 
-  if (stat(sandbox_binary, &st) == 0) {
+  if (sandbox_binary && stat(sandbox_binary, &st) == 0) {
     if (access(sandbox_binary, X_OK) == 0 &&
         (st.st_mode & S_ISUID) &&
         (st.st_mode & S_IXOTH)) {
       cmd_line.PrependWrapper(ASCIIToWide(sandbox_binary));
 
       // SUID binaries clear LD_LIBRARY_PATH. However, the sandbox binary needs
       // to run its child processes with the correct LD_LIBRARY_PATH so we save
       // a copy here:
       const char* ld_library_path = getenv("LD_LIBRARY_PATH");
       if (ld_library_path)
@@ skipping 89 matching lines @@
       !read_pickle.ReadBool(&iter, &tmp_child_exited)) {
     LOG(WARNING) << "Error parsing DidProcessCrash response from zygote.";
     return false;
   }
 
   if (child_exited)
     *child_exited = tmp_child_exited;
 
   return did_crash;
 }